Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
SUSE Linux Enterprise Server Number Of NVD 472 CRITICAL 27 HIGH 179 MEDIUM 215 LOW 51
URL https://www.suse.com/
Explanation Support is normally provided for 10 years after release, with service pack releases ending after about 8 years.
After 10 years, extended support is available for a fee, with yearly updates.
Tag
  • 商用ライセンス有り
  • Linux
Add Information URL
No Type Name URL
1 https://www.suse.com/lifecycle/
2 https://www.suse.com/support/policy/
3 https://www.suse.com/releasenotes/
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
441 SUSE Linux Enterprise Server 15 SUSE Linux Enterprise Server 15 SP5 May 22, 2023 July 16, 2018 July 31, 2028 July 31, 2031 3 8 2 1
442 SUSE Linux Enterprise Server 12 Service Pack 5 Dec. 9, 2019 Oct. 24, 2014 Oct. 31, 2024 Oct. 31, 2027 18 41 78 9
443 SUSE Linux Enterprise Server 11 March 24, 2009 March 31, 2019 March 31, 2022 15 149 148 31
444 SUSE Linux Enterprise Server 10 June 17, 2006 July 31, 2013 6 104 65 23
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
441 7.1
6.6 		HIGH
Local 		The poll_mode_io file for the megaraid_sas driver in the Linux kernel 2.6.31.6 and earlier has world-writable permissions, which allows local users to change the I/O mode of the driver by modifying t… CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2009-3939 cpe:2.3:o:suse:linux_enterprise_server:11:-
cpe:2.3:o:suse:linux_enterprise_server:10:sp3 		2026-04-23 09:35
2009-11-17 		Show GitHub Exploit DB Packet Storm
442 7.8
4.9 		HIGH
Local 		The ATI Rage 128 (aka r128) driver in the Linux kernel before 2.6.31-git11 does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of… CWE-476
CWE-908
 NULL Pointer Dereference
 Use of Uninitialized Resource 		CVE-2009-3620 cpe:2.3:o:suse:linux_enterprise_server:8:*
cpe:2.3:o:suse:linux_enterprise_server:10:sp3
cpe:2.3:o:suse:linux_ent… 		2026-04-23 09:35
2009-10-23 		Show GitHub Exploit DB Packet Storm
443 -
2.1 		LOW arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.31.4 on the x86_64 platform does not clear certain kernel registers before a return to user mode, which allows local users to read register va… CWE-200
Information Exposure 		CVE-2009-2910 cpe:2.3:o:suse:linux_enterprise_server:9:*
cpe:2.3:o:suse:linux_enterprise_server:10:sp2 		2026-04-23 09:35
2009-10-21 		Show GitHub Exploit DB Packet Storm
444 -
2.1 		LOW The tcf_fill_node function in net/sched/cls_api.c in the netlink subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6 and earlier, does not initialize a certain tcm__pad2 structure mem… CWE-200
Information Exposure 		CVE-2009-3612 cpe:2.3:o:suse:linux_enterprise_server:10:sp3
cpe:2.3:o:suse:linux_enterprise_server:10:sp2 		2026-04-23 09:35
2009-10-20 		Show GitHub Exploit DB Packet Storm
445 5.5
7.8 		MEDIUM
Local 		The get_random_int function in drivers/char/random.c in the Linux kernel before 2.6.30 produces insufficiently random numbers, which allows attackers to predict the return value, and possibly defeat … CWE-338
 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) 		CVE-2009-3238 cpe:2.3:o:suse:linux_enterprise_server:10:sp2 2026-04-23 09:35
2009-09-18 		Show GitHub Exploit DB Packet Storm
446 -
6.8 		MEDIUM The core server component in PostgreSQL 8.3 before 8.3.8 and 8.2 before 8.2.14, when using LDAP authentication with anonymous binds, allows remote attackers to bypass authentication via an empty pass… CWE-287
Improper Authentication 		CVE-2009-3231 cpe:2.3:o:suse:linux_enterprise_server:9:* 2026-04-23 09:35
2009-09-17 		Show GitHub Exploit DB Packet Storm
447 -
7.1 		HIGH Memory leak in the appletalk subsystem in the Linux kernel 2.4.x through 2.4.37.6 and 2.6.x through 2.6.31, when the appletalk and ipddp modules are loaded but the ipddp"N" device is not found, allow… CWE-772
 Missing Release of Resource after Effective Lifetime 		CVE-2009-2903 cpe:2.3:o:suse:linux_enterprise_server:9:*
cpe:2.3:o:suse:linux_enterprise_server:10:sp3
cpe:2.3:o:suse:linux_ent… 		2026-04-23 09:35
2009-09-16 		Show GitHub Exploit DB Packet Storm
448 -
5.0 		MEDIUM The mod_proxy_ftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of … NVD-CWE-Other
CVE-2009-3095 cpe:2.3:o:suse:linux_enterprise_server:9:*
cpe:2.3:o:suse:linux_enterprise_server:11:-
cpe:2.3:o:suse:linux_enter… 		2026-04-23 09:35
2009-09-9 		Show GitHub Exploit DB Packet Storm
449 7.8
7.2 		HIGH
Local 		The udp_sendmsg function in the UDP implementation in (1) net/ipv4/udp.c and (2) net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service (N… CWE-476
 NULL Pointer Dereference 		CVE-2009-2698 cpe:2.3:o:suse:linux_enterprise_server:9:*
cpe:2.3:o:suse:linux_enterprise_server:10:sp2 		2026-04-23 09:35
2009-08-28 		Show GitHub Exploit DB Packet Storm
450 -
5.9 		MEDIUM The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory c… CWE-269
 Improper Privilege Management 		CVE-2009-2848 cpe:2.3:o:suse:linux_enterprise_server:9:*
cpe:2.3:o:suse:linux_enterprise_server:10:sp2 		2026-04-23 09:35
2009-08-19 		Show GitHub Exploit DB Packet Storm